- version-stamp.mjs: regenerate package-lock.json after dev version stamp
(mirrors the same fix applied to bump-version.mjs in #4116)
- bump-version.mjs: regenerate root and web/package-lock.json after version
bump so both lockfiles are always in sync at release time
- pipeline.yml: add post-bump validation step that verifies all package.json
files parse as valid JSON before the release commit is made
- pipeline.yml: split "Commit, tag, and push" — commit+tag+rebase happen
before build, but git push is deferred until after build and npm publish
both succeed, preventing a broken tag from landing on main
- pipeline.yml: emit a :⚠️: annotation when live LLM tests fail so
failures are visible in the Actions UI instead of silently swallowed
Closes#4118
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
bump-version.mjs was updating package.json and sub-packages but never
regenerating package-lock.json, causing the lockfile to drift behind
by one version on every release.
Adds `npm install --package-lock-only` as the final step so the lockfile
is always in sync with the version being committed. Also regenerates the
current lockfile to fix the existing 2.58.0 → 2.64.0 drift.
Closes#4115
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
When the prod environment gate is approved, the pipeline now automatically
determines the semver bump from conventional commits, generates a changelog
entry, bumps all package versions, commits + tags + pushes (triggering
build-native.yml for npm @latest), creates a GitHub Release, and posts
to Discord.
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
